27 matches found
EUVD-2016-9217
Malware in sbrugna...
EUVD-2016-9205
Malware in sbrugna...
EUVD-2016-9209
Malware in sbrugna...
EUVD-2016-9226
Malware in sbrugna...
CVE-2016-8361
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...
CVE-2016-8361
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...
CVE-2016-8369
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request CROSS-SITE REQUEST FORGERY...
CVE-2016-8378
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials...
Cross site request forgery (csrf)
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request CROSS-SITE REQUEST FORGERY...
CVE-2016-8357
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...
CVE-2016-8361
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...
Hardcoded credentials
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...
Command injection
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...
CVE-2016-8357
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...
CVE-2016-8357
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...
Command injection
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials...
CVE-2016-8361
CVE-2016-8361 affects Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The root cause is a hard-coded username with no password, enabling an attacker to gain access without authentication to the system. Exploitation could permit unauthenticated access and command execution, consistent with...
CVE-2016-8361
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...
CVE-2016-8357
The CVE-2016-8357 vulnerability affects Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept them, enabling an attacker with read-only access to cause changes within the application. This is describe...
CVE-2016-8378
CVE-2016-8378 affects Lynxspring JENEsys BAS Bridge